SamuKata
oalabs
oalabs

patreon


C++ Strings and C Runtime (CRT) Reverse Engineering Tips

in this tutorial we examine C++ strings initialized in the CRT __initterm and how to take advantage of this setup when reverse engineering malware with encrypted strings.

Resources

Practice Examples

Attached are both the encrypted and non-encrypted compiled examples as well as the accompanying PDB files. I strongly recommend attempting to decrypt the strings using x64dbg by replicating the steps shown in the tutorial.

C++ Strings and C Runtime (CRT) Reverse Engineering Tips

More Creators